CVE-2019-0030

HIGH

Juniper ATP <5.0.3 - Info Disclosure

Title source: llm

Description

Juniper ATP uses DES and a hardcoded salt for password hashing, allowing for trivial de-hashing of the password file contents. This issue affects Juniper ATP 5.0 versions prior to 5.0.3.

References (1)

[Vendor Advisory] https://kb.juniper.net/JSA10918

Scores

CVSS v3 7.2

EPSS 0.0006

EPSS Percentile 19.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-327 CWE-916

Status published

Products (1)

juniper/advanced_threat_prevention_firmware 5.0.0 - 5.0.3

Published Jan 15, 2019

Tracked Since Feb 18, 2026